Gateway for networked video management system

ABSTRACT

A number of variations may include providing a computer system for networked video management, the computer system may include at least one computer having non-transitory memory for storing machine instructions that are to be executed by the computer, the machine instructions when executed by the computer implement the following web service proxy protocol: opening at least one first network connection from at least one video gateway device to at least one web service proxy application and opening at least one second network connection from the at least one video gateway device to at least one network camera on a server network; performing a scan for network cameras on the server network via the at least one gateway device and transmitting the results of the scan to the web service proxy application; and establishing at least one tunnel between the at least one network camera and the web service proxy application.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit of U.S. Provisional Application No. 62/735,631 (DICE 0166 PRV) filed Sep. 24, 2018.

TECHNICAL FIELD

This technology relates to a gateway for a networked video management system, and more specifically, a networked video management system including a web service proxy protocol.

BACKGROUND

Networked video management systems exist to facilitate the streaming, recording and viewing of video data over a network. Many of these systems may include a network video recorder (NVR) or a digital video recorder (DVR). An NVR may be a software application that records video data on a digital medium. NVRs may be typically executed on a dedicated computer device embedded with a digital medium configured to store the NVR and recorded video data, and a processor to execute the NVR. A DVR may be a hardware device that records video data on a digital medium included on the hardware device. While NVRs connected directly to a video capture camera or tuner, a DVR may be connected to a network. A DVR encodes video data while an NVR receives processed and encoded video data for a network camera device. NVRs and DVRs may be commonly deployed in video surveillance systems. There exists a need to develop hardware and/or software solutions for networked video management systems that may be cost effective and flexible with high performance.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts a computer architecture for a video management system according to one variation.

FIG. 2 depicts a sequence diagram of a web service proxy protocol according to one variation.

FIG. 3 may be a graphical user interface (“GUI”) for registering, organizing and updated network cameras installed on a video management system according to one variation.

FIG. 4 may be a GUI for viewing video data streams from network cameras installed on a video management system according to one variation.

FIG. 5 may be a GUI for conducting a timeline search of video data streams from network cameras installed on a video management system according to one variation.

FIG. 6 may be a GUI for viewing applicable client sites and installed network cameras via a map screen.

FIG. 7 may be a GUI for displaying a dashboard including information to analyze and restore installed network cameras and monitor access to installed video cameras.

FIG. 8 may be a GUI for displaying bandwidth information to identify potential network traffic issues on the video management system and to manage data usage on the video management system.

DETAILED DESCRIPTION

NVRs and DVRs may be commonly used in network video management systems. These systems may be commonly deployed in video surveillance systems. As part of the deployment, the NVRs and/or DVRs (with associated hardware) may be installed at the surveillance site and may be configured to store video data on the devices at the site. On-site storage of video data may be relatively expensive because of infrastructure and maintenance costs associated with NVRs and DVRs. Moreover, there may be difficulties viewing the stored video data remotely from NVRs and DVRs.

The following variations may be drawn to a gateway for a networked video management system that may include a gateway client application that may be executed from a video gateway device, typically residing at a client site, such as, a video surveillance site. The video client application may be configured to transmit video data from the video gateway device to a cloud instance. The video data may be transmitted to the cloud instance through a secure hypertext transfer protocol (HTTPS) connection to the cloud instance to avoid any firewall present at the client site.

FIG. 1 depicts a computer architecture for a networked video management system 10 according to one variation. The video management system 10 may include a client network 12 residing at a client site 14. The video management system 10 also may include server network 16 virtually residing on a cloud instance 18. Server network 16 may also reside on a bare or a virtual machine. Client and server network 12 and 16 communicate with each other over external communication network 20.

As shown FIGS. 1 and 2, client network 12 may include first and second video gateway devices 22 a and 22 b. Each video gateway device 22 a and 22 b may be a hardware device that may be configured to act as a gate between client network 12 and server network 16 to enable network traffic, including streaming video data traffic, to flow in and out of each network 12 and 16. While two video gateway devices 22 a and 22 b may be shown in FIG. 1, the number of video gateway devices may be significantly scalable. In certain variations, the number of video gateway devices may be only limited by the available provisioned cloud resources. The number may be about 10,000. The number may be exceeded with the implementation of network load balancing.

Each video gateway device 22 a and 22 b may be configured to communicate between networks 12 and 16 using one or more protocols. Network cameras 24 a 1, 24 a 2 and 24 an may be connected to video gateway device 22 a. Network cameras 26 b 1, 26 b 2 and 26 bn may be connected to video gateway device 22 b. While three network cameras may be shown connected to each of video gateway devices 22 a and 22 b, the number of network cameras connected to each may be significantly scalable. The number of network cameras may only be limited based on hardware specifications and operating system limitations. The number may be about 100 using a relatively low powered device. In one variation, a network camera may include, without limitation, a lens, an image sensor, a processor, and memory. The memory may be configured to store firmware and video data, e.g., video sequence recordings. The firmware may include computer instructions that perform functions when the instructions may be executed by the process. These functions may include, without limitation, networking functions, video processing functions and video analysis functions. A network camera typically may have its own IP address so that it may be connected to a network through a wireless or wired connection. The network cameras 26 a and 26 b depicted in FIG. 1 may be configured to transmit video data to video gateway devices 24 a and 24 b, respectively.

Video gateway modules 22 a and 22 b each include memory configured to video client applications 8. The video client application may be programmed in a run-time environment. The run-time environment may be JavaScript, for example, node.js. respectively. Video client applications 8 include instructions when executed by a processor included in each video gateway modules 22 a and 22 b perform video streaming functions and other functions as set forth herein.

Server network 16 may include application containers. The application containers may be used to deploy and run distributed applications without launching an entire virtual machine for each application within the container. Each of the containerized applications may be executed on a single host and may be configured to access the same operating system (OS) kernel. Each application container may include a set of runtime components, e.g., files, environment variables and libraries, to perform application functions upon execution of the runtime components. In one or more variations, the set of runtime components to execute in an application container may be an image. A container engine deploys these images on server network 16 or another host.

Web service proxy container 30 may be in communication with web service client containers 32 a and 32 b and may include a public key infrastructure 28. Virtual camera containers 34 a and 34 b may be in communication with web service client containers 32 a and 32 b, respectively. Virtual camera container 34 a may be in communication with recorder container 36 a, thumbnails container 38 a, and analytics container 40 a. Virtual camera container 34 b may be in communication with recorder container 36 b, thumbnails container 38 b, and analytics container 40 b. Data storage medium 42 stores recorded video data received from recorder containers 36 a and 36 b and thumbnail video data received from thumbnails containers 38 a and 38 b. Live video transcoding container 44 may be in communication with virtual camera container 34 a. Video encoders 46 a and 46 b may be in communication with data storage medium 42. Application programming interface (API) container 48 may be in communication with video encoders 46 a and 46 b. Live video transcoding container 44 and API container 48 may be in communication user computers 52 a, 52 b and 52 n through external communication network 50.

Web server proxy container 30 may include a container engine configured to execute a container image to connect user computers 52 a, 52 b and 52 n with network cameras 24 a and 26 a based on a proxy protocol. The proxy protocol may be configured to carry connection information from the user computers 52 a, 52 b and 52 n to video gateway devices 22 a and 22 b when those devices requested the connection. User computers 52 a, 52 b and 52 n may use a real time streaming protocol (RTSP). The proxy protocol of the server proxy container 30 may be configured to support RTSP, as well as other protocols, such as real time transport protocol (RTP) or HTTPS. In one or more variations, components of the container image may be programmed in a run-time environment. The run-time environment may be JavaScript, for example, node.js.

FIG. 2 depicts a sequence diagram of a web service proxy protocol 100 that may be executed by the engine of the web service proxy container 30 and video gateway devices 22 a and 22 b according to one variation. As shown by arrow 102, video client application initiates a connection to web server proxy container 30. The connection may be established through HTTPS by checking the certificate of the video client application, as shown by arrow 104. Once the connection may be established, it may be upgraded to a websocket connection. This initial connection may stay open during the entire sequence of the web service proxy protocol. The initial connection may be used by web server proxy container 30 to send requests for tunnels to video client applications 8. The initial connection may also be used by video client applications 8 to notify web server proxy container 30 that video client applications 8 have detected one or more network cameras on client network 12.

At arrow 106, web service proxy container 30 assigns a scan for network cameras to video gateway devices 22 a and/or 22 b. At arrow 108, video gateway devices 22 a and/or 22 b perform a scan of client network 12 to determine the presence of any network cameras (e.g., network cameras 24 a and 24 b). The results of the network scan may be transmitted by video gateway devices 22 a and/or 22 b to web service proxy container 30, as depicted by arrow 110. Web service proxy container 30 adds available network cameras to a work queue 112 as depicted by arrow 114.

As depicted by arrow 116, recorder containers 36 a and/or 36 b may be configured to check work queue 112 for available network cameras. In response, work queue 112 transmits a message to recorder containers 36 a and/or 36 b including a list of available network cameras, as depicted by arrow 118. After the available network cameras may be transmitted, recorder containers 36 a and/or 36 b transmits a video request to web service client containers 38 a and/or 38 b, respectively, as represented by arrow 120. Upon receiving the video data request, recorder containers 36 a and/or 36 b request a tunnel from web service proxy container 30, as depicted by arrow 122. Upon the web service proxy container 30 receiving the tunnel request, the web service proxy container 30 requests the tunnel from the video gateway devices 22 a and/or 22 b, respectively, as depicted in arrow 124. In turn, gateway devices 22 a and 22 b may be configured to establish a tunnel with network cameras, as depicted in arrow 126.

As depicted by arrow 128, the tunnel may be opened between one or more network cameras and video gateway devices 22 a and/or 22 b. The tunnel may be then offered to web service proxy container 30 by video gateway devices 22 a and 22 b, depicted by arrow 130. In turn, as depicted by arrow 132, web service proxy container 30 offers the tunnel to web service client containers 32 a and/or 32 b. As shown by arrow 134, RTSP traffic may be established between one or more network cameras and recorder containers 36 a and/or 36 b.

In certain variations, when web service proxy container 30 may be notified of a network camera at client site 14 (e.g., at arrow 110), web service proxy container 30 sends a tunnel request to the video gateway devices 22 a and/or 22 b (e.g., at arrow 124). This tunnel request may be made using the initial connection. Video gateway devices 22 a and/or 22 b determine if the tunnel request may be valid. If the tunnel request may be valid, then video gateway devices 22 a and/or 22 b open a second secure protocol connection (e.g., HTTPS connection) to the web service proxy container 30. In one or more variations, the second connection may be upgraded to a websocket connection. This second connection may be used to transmit network traffic between the network camera(s) and recorder containers 36 a and/or 36 b (e.g., arrow 134).

After the second connection has been opened, a listening port may be opened on server network 16 at web service client containers 32 a and 32 b. The listening port transmits all traffic it receives from virtual camera containers 34 a and 34 b to the applicable network camera at client site 14. In one or more variations, only Internet connectivity may be necessary to transmit traffic between network camera(s) and recorder containers 36 a and/or 36 b. No other network considerations (e.g., firewalls) may be necessary because the video management system 10 only initiates Internet connections (e.g., HTTPS connection) to server network 16, e.g., web service proxy container 30. The process associated with web service proxy protocol 100 shown in FIG. 2 may be transparent to client applications executed on the cloud. Web service client containers 32 a and 32 b automatically buffer data until the tunnel created by the process described above may be ready, which lets any standard video processing software treat the port as if it was opened directly to the camera. Video recording software designed to connect directly to network camera may be used to record video data and streams form the network camera. Examples of the video recording software include the software stored in recorder containers 36 a and 36 b.

FIG. 3 may be a graphical user interface (“GUI”) 200 for registering, organizing and updated network cameras installed on a video management system according to one variation. In one variation, API container 48 may include an image that may be configured to be executed by an engine to perform queries to obtain the video data streams displayed through GUI 200. GUI 200 may include a list 202 of network cameras and encoders for a subscriber or client of video management system 10. The network cameras and/or encoders may be connected to video gateway devices 22 a or 22 b and server network 16 to facilitate the subscriber's or client's viewing of video streams from a user computer. Serial number 204, brand name 206, model 208, username 210, description 212, and live thumbnail live stream 214 may be displayed in GUI 200 for each camera or encoder in list 202.

FIG. 4 may be a GUI 300 for viewing video data streams from network cameras installed on a video management system according to one variation. In one variation, API container 48 may include an image that may be configured to be executed by an engine to retrieve a list of cameras and transcoding container 44 may include an image that may be configured to be executed by an engine to view the video data streams through GUI 300. GUI 300 may include a matrix 302 of thumbnail windows 304. Each thumbnail window 304 may include a video data stream from a network camera. The video data stream may be a live video data stream so that the user may react to situations developing in real-time. The video data stream may also be a recorded video data stream. A label 306 may be situated above each window and may include a description of the video data stream at a client site 14. Non-limiting examples include “front drive,” “semi dock,” “diesel generator,” and “roof generator.” A time stamp 308, including date and time in HH:MM:SS format, may be situated below each window 304. While a 6 by 3 matrix of windows 304 may be shown in FIG. 4 the number of windows 304, including the number of rows and columns, may be customizable by the user. GUI 300 may be configured such that each thumbnail window 304 may be expanded so that the user may obtain a more detailed view of the video data stream.

FIG. 5 may be a GUI 400 for conducting a timeline search of video data streams from network cameras installed on a video management system according to one variation. In one variation, API container 48 may include an image that may be configured to be executed by an engine to query data storage medium 42 for a list of thumbnails and to submit a video encoding request to encoder containers 46 a and 46 b. GUI 400 may include timeline search window 402 and data stream windows matrix 404. Timeline search window 402 may include data input fields for account 406, device 408, stream number 410, start date and time 412, end date and time 414, and size 416. Timeline search window 402 also may include submit button 418 and back button 420. A user inputs the account name in account data input field 406. The user inputs the device number in device data input field 408. The user inputs the stream (e.g., that correlates to one of the network cameras) into stream data input field 410. The user inputs a start date and time in HH:MM am/pm format in start date and time input field 412. The user inputs an end date and time in HH:MM am/pm format in start date and time input field 414. The user inputs size in size data input field 416. In the example shown in FIG. 5, the difference between the start and end time may be 1 hour and the size may be 6. Once all the data may be input into data input fields 406 through 416, the user clicks the submit button 418 to perform a timeline search. Accordingly, the data stream windows matrix 404 shows six window with a time slice every ten (10) minutes within between the start and stop times (e.g., sixty (60) minutes divided by 6). Each window 422 within matrix 404 may include a time stamp portion 424 including a download link configured to download the associated thumbnail image and streaming, and window portion 426 configured to display a thumbnail image and a video data stream starting at the start time identified in the time stamp portion 424. The timeline search window enables the user to pinpoint the exact timeframes of events and narrow a user's search with interactive thumbnail slices.

FIG. 6 may be a GUI 500 for viewing applicable client sites and installed network cameras via a map screen. In one variation, API container 48 may include an image that may be configured to be executed by an engine to query a database to retrieve and plot the latitude and longitude as entered by the user and associated with the video data stream. GUI 500 may include network camera digital map 502 including the locations 504 of network cameras at a client site 14. GUI 500 also may include an account information window 506 including account information for the user. GUI 500 may include a matrix 508 of thumbnail windows 510. Each thumbnail window 510 may include a video data stream from a network camera. The video data stream may be a live video data stream so that the user may react to situations developing in real-time. The video data stream may also be a recorded video data stream. A label 512 may be situated above each window and may include a description of the video data stream at a client site 14. Non-limiting examples include “front drive,” “semi dock,” “diesel generator,” and “roof generator.” A time stamp 514, including date and time in HH:MM:SS format, may be situated below each window 510. While a 3 by 3 matrix of windows 510 may be shown in FIG. 6 the number of windows 510, including the number of rows and columns, may be customizable by the user. GUI 500 may be configured such that each thumbnail window 510 may be expanded so that the user may obtain a more detailed view of the video data stream. Map GUI 500 enables the user to view satellite images of different client sites 14 and stream real time thumbnail videos of all network camera at each location.

FIG. 7 may be a GUI 600 for displaying a dashboard including information to analyze and restore installed network cameras and monitor access to installed video cameras. In one variation, API container 48 may include an image that may be configured to be executed by an engine to query a database, a work queue, embedded APIs in recorder containers 36 a and 36 b, recorder web service proxy container 30, and transcoding container 44. The queried data may be displayed through GUI 600. GUI 600 may include account number window 602, status window 604, live stream 606, and recorder window 608. Account number window 602 may include a data entry field 610 for an account number of a user. Status window 604 may include statistics regarding streams recording, cameras reporting and registered cameras. Live streams window may include a list 612 of live streams for a user. Each live stream may include the following non-limiting information: user, account number, edge, camera, stream and stream started date and time. Recorders window 608 may include a list 614 of recorders or other network cameras. Each recorder listed may include the following non-limiting information: account number, edge, camera, stream recorder started, recording started, tags, and thumbnail. Dashboard GUI 600 enables users to analyze and restore devices and monitor employee access.

FIG. 8 may be a GUI 700 for displaying a bandwidth information to identify potential network traffic issues on the video management system and to manage data usage on the video management system. In one variation, API container 48 may include an image that may be configured to be executed by an engine to query bandwidth data recorded in virtual camera containers 34 a and 34 b. The queried data may be displayed through GUI 700. GUI 700 may include select subscriber window 702, bandwidth selector window 704, bandwidth usage window 706, and gateway bandwidth window 708. Select subscriber window 702 may be configured to enable a user to input an account number through account number data input field 710. Bandwidth selector window 706 may include data input fields for selector type 712 (e.g., account number), time unit 714, start date 716, and end date 718. Bandwidth selector window 706 also may include a submit button 720. After the user inputs date into data input fields 712 through 718, then user selects submit button 720 so that the data meeting the data input fields 712 through 718 may be displayed bandwidth usage window 706 and gateway bandwidth window 708. Bandwidth usage window 706 displays a graph 722 that plots the amount of bandwidth used by each network camera versus time from the start time to end time. Gateway bandwidth window 708 displays a list 724 of network cameras. For each network camera, the network camera name and bandwidth used on the start and ends dates may be displayed. Bandwidth GUI 700 enables users to identify potential network issues and manage data issues as needed.

According to variation 1, a method may include providing a computer system for networked video management, the computer system may include at least one computer having non-transitory memory for storing machine instructions that are to be executed by the computer, the machine instructions when executed by the computer implement the following web service proxy protocol: opening at least one first network connection from at least one video gateway device to at least one web service proxy application and opening at least one second network connection from the at least one video gateway device to at least one network camera on a server network; performing a scan for network cameras on the server network via the at least one gateway device and transmitting the results of the scan to the web service proxy application; and establishing at least one tunnel between the at least one network camera and the web service proxy application.

Variation 2 may include a product as set forth in variation 1, and further may include requesting a scan of the server network by the web service proxy application for network cameras on the server network prior to performing a scan for network cameras on the server network via the at least one gateway device and transmitting the results of the scan to the web service proxy application.

Variation 3 may include a product as set forth in any of variations 1 and 2, and further may include correlating the results of the scan with a predetermined set of user identified network cameras prior to establishing at least one tunnel between the at least one network camera and the web service proxy application.

Variation 4 may include a product as set forth in any of variations 1 through 3, wherein the web service proxy protocol may include a public key infrastructure.

Variation 5 may include a product as set forth in any of variations 1 through 4, wherein establishing at least one tunnel between the set of user identified network cameras and the web service proxy application may be established through a secure hypertext transfer protocol.

According to variation 6, a product may include a computer system for networked video management, the computer system may include at least one computer having non-transitory memory for storing machine instructions that are to be executed by the computer, the machine instructions when executed by the computer implement the following web service proxy protocol: opening at least one first network connection from at least one video gateway device to at least one web service proxy application and opening at least one second network connection from the at least one video gateway device to at least one network camera on a server network; requesting a scan of the server network by the web service proxy application for network cameras on the server network; performing a scan for network cameras on the network via the at least one gateway device and transmitting the results of the scan to the web service proxy application; correlating the results of the scan with a predetermined set of user identified network cameras; and establishing at least one tunnel between each camera in the set of user identified network cameras and the web service proxy application.

Variation 7 may include a product as set forth in variation 6 and further may include establishing a real time streaming protocol between the at least one network camera and at least one recorder container.

Variation 8 may include a product as set forth in any of variations 6 through 8 wherein the web service proxy protocol may include a public key infrastructure.

Variation 9 may include a product as set forth in any of variations 6 through 8 wherein establishing a tunnel between the set of user identified network cameras and the web service proxy application may be established through a secure hypertext transfer protocol.

According to variation 10, a product may include a computer system for networked video management, the computer system may include at least one computer having non-transitory memory for storing machine instructions that are to be executed by the computer, the machine instructions when executed by the computer implement the following web service proxy protocol: requesting at least one first tunnel from at least one gateway device to at least one web service proxy application; requesting a scan by the web service proxy application for network cameras on a server network; performing a scan for network cameras on the network via the at least one gateway device; communicating the results of the scan to the web service proxy application; correlating the results of the scan with a set of user identified cameras; sending a request from the web service proxy application to the video gateway device for at least a second tunnel; opening at least one network connection from the video gateway device to each of the cameras in the set of user identified network cameras; temporarily buffering any input and any output of the at least one network connection; and establishing at least one second tunnel between each camera in the set of user identified cameras and the web service proxy application.

Variation 11 may include a product as set forth in variation 10 and further may include establishing a real time streaming protocol between each camera in the set of user identified cameras and at least one recorder container.

Variation 12 may include a product as set forth in any of variations 10 and 11 wherein the web service proxy protocol may include a public key infrastructure.

Variation 13 may include a product as set forth in any of variations 10 through 12 wherein establishing a tunnel between each camera in the set of user identified cameras and the web service proxy application may be established through a secure hypertext transfer protocol.

As required, detailed variations are disclosed herein; however, it is to be understood that the disclosed variations are merely exemplary of the invention that may materialize in various and alternative forms. The figures may be not necessarily to scale; some features may be exaggerated or minimized to show details of particular components. Therefore, specific structural and functional details disclosed herein are not to be interpreted as limiting, but merely as a representative basis for teaching one skilled in the art to variously employ the present invention.

While exemplary variations may be described above, it is not intended that these variations describe all possible forms of the invention. Rather, the words used in the specification is words of description rather than limitation, and it is understood that various changes may be made without departing from the spirit and scope of the invention. Additionally, the features of various implementing variations may be combined to form further variations of the invention. 

What is claimed is:
 1. A product comprising: a computer system for networked video management, the computer system comprising at least one computer having non-transitory memory configured to store machine instructions that are to be executed by the computer, the machine instructions when executed by the computer implement the following web service proxy protocol functions: establishing an initial network connection between a video gateway device including a video client application and residing at a client site by checking a certificate of the video client application; receiving a first tunnel request from a web service client container; upon receipt of the first tunnel request from the web service client container, requesting a tunnel through a second tunnel request from and through the video gateway device, the tunnel requested through the initial network connection; receiving an offer of the tunnel from and through the video gateway device through a second network connection in response to validating the second tunnel request through the initial network connection; offering the tunnel to the web service client container from and through the video gateway device, the tunnel offered through the second network connection; opening a listening port at the web service client container to transmit video traffic over the tunnel offered through the second network connection; and maintaining the initial network connection for video application notifications to the web server client container.
 2. The product of claim 1, wherein the web service proxy protocol functions further include opening the initial network connection from the video gateway device to a web service proxy protocol.
 3. The product of claim 2, wherein the web service proxy protocol functions further include maintaining the initial network connection during implementation of the receiving the tunnel request function, the requesting the tunnel function, the receiving the offer of the tunnel function, and the offering the tunnel function.
 4. The product of claim 2, wherein the web service proxy protocol includes a public key infrastructure.
 5. The product of claim 2, wherein the opening function includes checking a certificate of the video gateway device.
 6. The product of claim 2, wherein the opening function includes establishing the initial network connection through a secure hyperlink transfer protocol connection.
 7. The product of claim 2, wherein the web service proxy protocol is included in a web server proxy container.
 8. A product comprising: a computer system for networked video management, the computer system comprising at least one computer having non-transitory memory configured to store machine instructions that are to be executed by the computer, the machine instructions when executed by the computer implement the following web service proxy protocol functions: establishing an initial network connection between a video gateway device including a video client application and residing at a client site by checking a certificate of the video client application; receiving a list of connected network cameras from the video gateway device; receiving a first tunnel request from a web service client container, the tunnel request configured to establish a tunnel between one or more connected network cameras on the list of connected network cameras and a video recorder application; upon receipt of the first tunnel request from the web service client container, requesting a tunnel through a second tunnel request from and through the video gateway device, the tunnel requested through the initial network connection; receiving an offer of the tunnel from and through the video gateway device through a second network connection in response to validating the second tunnel request through the initial network connection; offering the tunnel to the web service client container from and through the video gateway device to avoid one or more firewalls present at the client site, the tunnel offered through the second network connection; opening a listening port at the web service client container to transmit video traffic over the tunnel offered through the second network connection; and maintaining the initial network connection for video application notifications to the web server client container.
 9. The product of claim 8, wherein the web service proxy protocol functions further include opening the initial network connection from the video gateway device to a web service proxy protocol.
 10. The product of claim 9, wherein the web service | proxy protocol functions further include maintaining the initial network connection during implementation of the receiving the tunnel request function, the requesting the tunnel function, the receiving the offer of the tunnel function, and the offering the tunnel function.
 11. The product of claim 9, wherein the web service proxy protocol includes a public key infrastructure.
 12. The product of claim 9, wherein the opening function includes checking a certificate of the video gateway device.
 13. The product of claim 9, wherein the opening function includes establishing the initial network connection through a secure hyperlink transfer protocol connection.
 14. The product of claim 9, wherein the web service proxy protocol is included in a web server proxy container.
 15. A product comprising: a computer system for networked video management, the computer system comprising at least one computer having non-transitory memory configured to store machine instructions that are to be executed by the computer, the machine instructions when executed by the computer implement the following web service proxy protocol functions: establishing an initial network connection between a video gateway device including a video client application and residing at a client site by checking a certificate of the video client application; receiving a list of connected network cameras from the video gateway device; adding the list of connected network cameras to a work queue; receiving a first tunnel request from a web service client container, the tunnel request configured to establish a tunnel between one or more connected network cameras on the list of connected network cameras and a video recorder application; upon receipt of the first tunnel request from the web service client container, requesting a tunnel through a second tunnel request from and through the video gateway device residing at a client site, the tunnel requested through the initial network connection; receiving an offer of the tunnel from and through the video gateway device through a second network connection in response to validating the second tunnel request through the initial network connection; offering the tunnel to the web service client container from and through the video gateway device to avoid one or more firewalls present at the client site, the tunnel offered through the second network connection; opening a listening port at the web service client container to transmit video traffic between the connected network cameras and the video recorder application over the tunnel offered through the second network connection; and maintaining the initial network connection for video application notifications that update the list of connected network cameras to the web server client container.
 16. The product of claim 15, wherein the web service proxy protocol functions further include opening the initial network connection from the video gateway device to a web service proxy protocol.
 17. The product of claim 16, wherein the web service proxy protocol functions further include maintaining the initial network connection during implementation of the receiving the tunnel request function, the requesting the tunnel function, the receiving the offer of the tunnel function, and the offering the tunnel function.
 18. The product of claim 16, wherein the web service proxy protocol includes a public key infrastructure.
 19. The product of claim 16, wherein the opening function includes checking a certificate of the video gateway device.
 20. The product of claim 16, wherein the opening function includes establishing the initial network connection through a secure hyperlink transfer protocol connection. 